Overview

overview

10

Static

static

UHoQQcne92zYcG1.exe

windows7_x64

10

UHoQQcne92zYcG1.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    UHoQQcne92zYcG1.exe

  • Size

    762KB

  • Sample

    210114-ytca7dlal6

  • MD5

    746069df80f84617e3d83fdc53e725b0

  • SHA1

    49be71d72f1fb60ecc955e5b5e716bcaddf1e79a

  • SHA256

    909b3558b85ccc4b1890253c148345b2eecd0511c6d33f76752e14d56c9d9018

  • SHA512

    2f14f7eb47a3d0ed9e8f8650ffa767e391e3197263d0d4d917126f8d1e7632dd011d8a4307f646c1fe9d855a6d1e5c0df7c8ff236b44911fa54941326a8cfcb4

Score
10/10
lokibotspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://51.195.53.221/p.php/SczbkxCQZQyVr

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      UHoQQcne92zYcG1.exe

    • Size

      762KB

    • MD5

      746069df80f84617e3d83fdc53e725b0

    • SHA1

      49be71d72f1fb60ecc955e5b5e716bcaddf1e79a

    • SHA256

      909b3558b85ccc4b1890253c148345b2eecd0511c6d33f76752e14d56c9d9018

    • SHA512

      2f14f7eb47a3d0ed9e8f8650ffa767e391e3197263d0d4d917126f8d1e7632dd011d8a4307f646c1fe9d855a6d1e5c0df7c8ff236b44911fa54941326a8cfcb4

    Score
    10/10
    lokibotspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks